Lucene search

K

FreeBSD23AB5C3E-79C3-11E4-8B1E-D050992ECDE8

HistoryDec 01, 2014 - 12:00 a.m.

OpenVPN -- denial of service security vulnerability

2014-12-0100:00:00

vuxml.freebsd.org

11

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:N/I:N/A:C

0.006 Low

EPSS

Percentile

78.3%

The OpenVPN project reports:

In late November 2014 Dragana Damjanovic notified OpenVPN
developers of a critical denial of service security vulnerability
(CVE-2014-8104). The vulnerability allows an tls-authenticated
client to crash the server by sending a too-short control channel
packet to the server. In other words this vulnerability is denial
of service only.

OSVersionArchitecturePackageVersionFilename
FreeBSDanynoarchopenvpn< 2.0.11UNKNOWN

References

community.openvpn.net/openvpn/wiki/SecurityAnnouncement-97597e732b

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:N/I:N/A:C

0.006 Low

EPSS

Percentile

78.3%

Related for 23AB5C3E-79C3-11E4-8B1E-D050992ECDE8

nessus16 openvas18 amazon1 fedora5 prion1 cve1 debiancve1 osv1 nvd1 ubuntucve1 cvelist1 archlinux1 suse3 gentoo1 mageia1 securityvulns2 debian2 ubuntu1 altlinux1 slackware1